wireshark-mcp
If you are the rightful owner of wireshark-mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
Wireshark MCP Server exposes PyShark functionality through the Model Context Protocol (MCP), enabling AI assistants to interact with network packet capture and analysis capabilities.
The Wireshark MCP Server is a project designed to integrate PyShark's network packet capture and analysis functionalities with AI assistants like Claude through the Model Context Protocol (MCP). This server allows users to perform network analysis tasks such as capturing live packets, reading and analyzing packet capture files, and detecting network protocols. It requires Python 3.8+, TShark, and administrative privileges for live packet capture. The server can be run in development mode or installed directly in Claude Desktop, providing a seamless interface for network analysis tasks. Users can interact with the server to list network interfaces, capture targeted traffic, and analyze HTTP traffic, among other functionalities. Security considerations are paramount, and users must ensure they have the proper authorization and comply with legal requirements when capturing network traffic.
Features
- Exposes PyShark functionality through MCP for AI interaction
- Supports live packet capture and analysis
- Provides tools for targeted traffic capture and protocol detection
- Integrates with Claude Desktop for seamless usage
- Customizable with advanced capture and analysis tools
Tools
list_interfaces
List all available network interfaces
capture_live_packets
Capture real-time packets from network interface
read_pcap_file
Read and analyze packet capture files
analyze_traffic
Analyze network traffic patterns
capture_targeted_traffic
Capture traffic for a specific target
capture_to_file
Capture network traffic and save to PCAP file
analyze_http_traffic
Analyze HTTP traffic
detect_network_protocols
Detection and reporting network protocols